Re: Password Cracking Guide

Originally Posted by RageLtMan

My issue was actually not with recovering an administrative passwd but a user's - they had old domain logins and we needed his password in order to update his OSX keychain, l0phcrack came through, but I'd still like to find some solution that doesn't require a boot into Windows. Awesome guide btw, slowly making my way through it.

I don't understand. You don't have to boot into Windows to retrieve a user's password. You can boot BT, and run samdump which will dump all of the users' passwords to the screen. Either use the option to redirect the output (I don't remember what it is at the moment) or use samdump2 >hash.txt
Now you can use John the Ripper, l0phcrack, or plain-text.info to crack the hash.

Re: Password Cracking Guide

Awesome Post! I like the manual and I am excited to get my hands on it and check out the details.

So I have one issue when trying to crack the Windows pass. When I try to mount the drive that has the SAM file, I get an error saying that the file in charge of the volume is locked, and it will not let me mount. As a further detail, when I ls -a the directory where the "sda2" is located it shows the media, but it is a dark yellow. Does this mean anything?

Is there something that I need to do before it will allow me access to the SAM? I was going to use the chntpw command to crack the pass. I know from your manual that there are other options, but it seems to be the easiest way to crack them. Can you help me? Thanks for any help!

Re: Password Cracking Guide

Go to a terminal prompt and type in:
mount /dev/sda2 /mnt/whereever

Don't try to use a GUI to mount a partition. It has rarely worked for me.
The chntpw command will change the password. If you want to crack the password you must use samdump2. If you use chntpw be sure to blank the password and not to set the password to something you know. If you blank it you will get into the system; if you set a password you might get in.

Re: Password Cracking Guide

Maybe an entry about Linux password cracking has to be added. From what I know, it takes different amounts of time to crack a password depending on which hash type is used. For example an MD5 hash is easier than a SHA-2 hash.
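
Added example (not part of any post in this thread, and not code from the guide): the hash type mentioned in the last post is recorded in the $id$ prefix of each password field in a shadow-format file, so an administrator can audit which accounts still use an older scheme and need rehashing. The SAMPLE entries, the function names and the policy of which schemes to flag are assumptions of this example.

```python
# Added example: audit shadow-format entries by crypt(3) scheme identifier.
SAMPLE = """\
root:$6$rounds=100000$SALT$HASH:19000:0:99999:7:::
alice:$1$SALT$HASH:19000:0:99999:7:::
bob:$y$j9T$SALT$HASH:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
carol:!$1$SALT$HASH:19000:0:99999:7:::
dave::19000:0:99999:7:::
legacy:abPLACEHOLDER:19000:0:99999:7:::
"""  # constructed entries; SALT/HASH are placeholders, not real hash material
# crypt(3) id -> (scheme name, flag for migration); the flagging policy is an assumption.
SCHEMES = {"1": ("md5crypt", True), "5": ("sha256crypt", False), "6": ("sha512crypt", False),
           "2a": ("bcrypt", False), "2b": ("bcrypt", False), "2y": ("bcrypt", False),
           "y": ("yescrypt", False)}
DEFAULT_SHA_ROUNDS = 5000  # sha256crypt/sha512crypt default when no rounds= field is present

def classify(field):
    """Return (scheme, rounds, flagged) for the password field of one entry."""
    if field == "":
        return ("empty", None, True)            # account has no password at all
    if field[0] in "!*":                        # locked; a hash may still follow the marker
        rest = field.lstrip("!*")
        if not rest:
            return ("locked", None, False)
        scheme, rounds, flagged = classify(rest)
        return ("locked+" + scheme, rounds, flagged)
    if not field.startswith("$"):
        return ("des-or-unknown", None, True)   # legacy DES crypt carries no $id$ prefix
    parts = field.split("$")                    # ['', id, [rounds=N,] salt, hash]
    name, flagged = SCHEMES.get(parts[1], ("unknown", True))
    rounds = None
    if parts[1] in ("5", "6"):
        rounds = DEFAULT_SHA_ROUNDS
        if len(parts) > 2 and parts[2].startswith("rounds="):
            rounds = int(parts[2][len("rounds="):])
    return (name, rounds, flagged)

def audit(shadow_text):
    """Return [(user, scheme)] for entries that should be reviewed or rehashed."""
    findings = []
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) < 2 or line.startswith("#"):
            continue
        scheme, _rounds, flagged = classify(fields[1])
        if flagged:
            findings.append((fields[0], scheme))
    return findings
```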